<?php
class PublicAction extends Action{

	public function login()	{
		
		$this->display();
		
	}
	
	public function checkLogin() {
		
		$email=trim($_POST['email']);
		$password=trim($_POST['password']);
		
		if(empty($email))
		{
			$this->error('用户名不能为空!!!');
		}
		
		if(empty($password))
		{
			$this->error('密码不能为空!!!');
		}
		$map=array();
		$map["email"]=$email;
//		$map["password"]=$password;
		import('ORG.Util.RBAC');
		
		$authInfo = RBAC::authenticate($map);
		dump($authInfo);
		if(false === $authInfo)
		{
			$this->error('帐号不存在或已禁用！');
		} 
		else
		{
			if($authInfo['password'] != md5($_POST['password'])) 
			{
				$this->error('密码错误！');
			}
			
			if($authInfo['email']=='m23linzhe@gmail.com') {
                $_SESSION['administrator'] = true;
            }
            
            $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];
			
			$this->assign('username',$authInfo['account']);
			dump($authInfo['account']);
			//保存登录信息
			$User = M('User');
			Load('extend');
			$ip = get_client_ip();
			$time = time();
			$data = array();
			$data['id'] = $authInfo['id'];
			$data['last_login_time'] = $time;
			$data['login_count'] = array('exp', 'login_count+1');
			$data['last_login_ip'] = $ip;
			$User->save($data);
            // 通过RBAC类中的静态方法saveAccessList缓存访问权限
            RBAC::saveAccessList();
            
            $this->assign('jumpUrl',__APP__.'/Index/index');
            $this->success('登录成功！');
		}
	}


	function verify()
	{
		import('ORG.Util.Image');
		if(isset($_REQUEST['adv']))
		{
			Image::showAdvVerify();
		}
		else
		{
			Image::buildImageVerify();
		}
	}

	public function authorizationstop()
	{
		$this->display();
	}

	function logout(){
		if(isset($_SESSION[C('USER_AUTH_KEY')])) {
			unset($_SESSION[C('USER_AUTH_KEY')]);
			unset($_SESSION);
			session_destroy();
            $this->assign("jumpUrl",__URL__.'/login/');
            $this->success('登出成功！');
        }else {
            $this->error('已经登出！');
        }
	}
}
?>